Bug #10545
closed
Rudder fails to accept inventories with user account different only in their case
Added by François ARMAND about 7 years ago.
Updated almost 2 years ago.
Category:
Web - Nodes & inventories
Severity:
Major - prevents use of part of Rudder | no simple workaround
User visibility:
Getting started - demo | first install | level 1 Techniques
Description
On a node, if we have both user "TEST" and "test" defined, the inventory can not be added to Rudder with the following error:
[2017-03-31 11:15:33] ERROR com.normation.ldap.sdk.RwLDAPConnection - Exception ignored (by configuration) when trying to add entry 'nodeId=ffffffff-bdf1-0000-02a1-3d44ad000000,ou=Nodes,ou=Pending Inventories,ou=Inventories,cn=rudder-configuration'. Reported exception was: localAccountName: value #22 provided more than once
com.unboundid.ldap.sdk.LDAPException: localAccountName: value #22 provided more than once
Case is important in accounts, and that must be supported.
The problem is that we are declaring localAccountName in LDAP schema as follow:
attributeTypes: ( 1.3.6.1.4.1.35061.1.1.300.5
NAME 'localAccountName'
DESC 'A local account name (login) on the server'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
The equality match is case unsensitive. It should not.
We can safelly change it to "caseExactMatch", because we are making the comparison stricter that way, so no user will have a corrupted data base doing so.
You can make the change by hand, on the root server:
root@server# vim /opt/rudder/etc/openldap/schema/inventory.schema
# go to localAccountName and change caseIgnoreMatch into caseExactMatch
root@server# service rudder-slapd restart
....
[OK]
- Status changed from New to In progress
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Jonathan CLARKE
- Pull Request set to https://github.com/Normation/ldap-inventory/pull/103
- Status changed from Pending technical review to Pending release
- Status changed from Pending release to Released
This bug has been fixed in Rudder 3.1.19, 4.0.4 and 4.1.1 which were released today.
Also available in: Atom
PDF